Guide:Resisting technological domestic abuse: Difference between revisions

[[File:Cydia logo.png|thumb|Cydia app store logo]]
Apple, like Google, also actively removes stalkerware apps from its store. To install external apps on iOS devices, generally the device has to be [[w:jailbroken|jailbroken]] (basically, unlocked to enable non-Appstore apps). Most jailbroken devices have an alternative app store on them, called Cydia. If your device has Cydia on it, but you did not jailbreak the phone and install Cydia yourself, you might be a victim of stalkerware.
====Should you remove stalkerware?====
We cannot say, as this depends on your personal circumstances. The perpetrator is very likely to notice if the stalkerware is removed, and if attempting to resist may result in further abuse, removing it may not be advisable.<br>
Remember that in most jurisdictions [[w:wiretapping|wiretapping]] is a serious crime, so it may be worth keeping the stalkerware on the device as evidence.
Even if you cannot remove the stalkerware, just knowing it is there empowers you to make better decisions about your situation.
==Connection monitoring==
Even if your devices aren't spying on you directly, the perpetrator can monitor your online activity if they control the internet connection you use.
===Gateway/Modem/Router===
If you share your WiFi with the perpetrator, there is a potential that they could execute a so-called [[w:man-in-the-middle attack|man-in-the-middle attack]]. Because of how most WiFi setups work, all the internet connections on a single WiFi network flow through a single device, which means that this device can see all the unencrypted traffic. This is something you need to be mindful of.
====DNS====
DNS is essentially the internet's phonebook. It allows your computer to convert a website name, such as {{SERVER}}, to an [[w:IP address|IP address]], which the computer can actually use to deliver you the website. For various complicated historical reasons, this traffic has not been protected by encryption by default until very recently, and anyone who is on the network can observe it as you access websites. By doing this they can tell which website you access, but they cannot tell what you were doing on that particular website. So, in the case of {{SITENAME}}, they would be able to tell you accessed {{SERVER}}, but not that you looked up this particular page.
=====Countermeasures=====
If you use Chrome or Firefox, the solution to this is to make sure your browsers are up to date. Both have recently enabled their encrypted DNS by default, so this should kick in with an update. You can check if your DNS is encrypted by running a test found [https://www.cloudflare.com/ssl/encrypted-sni/ on this page].
====TLS====
[[File:HTTPS lock Firefox.svg|thumb|Look for the 'lock' in your browser; those pages are encrypted]]
The vast majority of internet traffic nowadays is encrypted by Transport Layer Security (TLS, formerly SSL). You may know it as the little padlock in your browser. This is good for you and your privacy, but it does have a couple of flaws.
=====Server Name Indicator=====
To establish a secure connection, TLS needs to perform a so-called 'handshake'. Because the intermediate computers that carry your connection need to know where to send your data, this handshake has to have the address (the so-called Server Name Indicator (SNI) and the IP address) of the destination website in plain text. You can think of this in terms of sending a physical mail letter. If you want your letter to be delivered, you need to make the recipient's address public.
 
That being said, just like unencrypted DNS mentioned above, the perpetrator using this technique can only see the domain of the website you're using, not the content of the website or the exact page.
=====Countermeasures=====
There is currently no easy solution to this. A VPN would be effective at hiding this, but VPNs are paid for and have their own issues. You can access sensitive sites occasionally with [[TOR Browser]], but conducting all your browsing through TOR can be cumbersome.
 
There is a proposal to encrypt this 'address field' too, called [[w:Encrypted Client Hello|Encrypted Client Hello]], but it is not yet ready for primetime, and thus most websites don't use it. Here's hoping this changes soon.
=====Certificate errors=====
When you access a TLS-protected site, the browser automatically checks if the encryption is valid, and verifies nobody is interfering with it. If it cannot do so, it gives you a certificate error, like so:
 
[[File:Firefox - Insecure connection on CACert.jpg|frameless]]
 
This indicates that somebody may be trying to intercept your connection, and might be serving you something your browser does not expect. Try your very best to resist the urge to click 'Add exception' as doing so is basically giving permission to the perpetrator to continue observing and interfering with your traffic.
==Account compromise==
=Setting up a safe computing environment=